Data Isolation System and Method

Field of Invention 

The present invention relates to a data isolation system and method and refers particularly, though not exclusively, to a data isolation system and method for at least one of software and data: maintenance, back up, recovery, security and privacy control, within a computer system or network.

Background to the Invention

With the great advances in semiconductor technologies over recent years, computer hardware reliability has increased significantly. Software installed and used on the computer causes more than 80% of computer problems.

Many computer users are not sufficiently technically trained to handle a system failure. They often need to contact a call center for assistance. This is a time consuming and costly way of supporting computer systems, as the technical support staff at the call center cannot see the problem. Furthermore, many users do not have a full or complete back up regime and therefore are not always able to restore their computer system to full operational capability.

There are a number of remote management software applications available. They enable an authorized remote computer user to log on to the host computer. The remote computer user will have full control of, and access rights to, the host computer as if operating at the host computer location. Remote software applications are good for many applications such as distant working. A user can access their company computer system from a home computer system over the Internet. However, such remote software is not suitable for remote technical support for the system or software. The computer user should not be required to allow access to their sensitive or private data files to unknown third party maintenance staff.

Problems relating to the reliability of software installed on a computer may be classified as being due to:

1) installation and use of unstable software that leads to a system failure;
2) installation and use of an unsuitable device driver that leads to a system failure;
3) unintentional deletion of important system files that leads to a system failure;
4) installation and use of software that conflicts with a system dynamic link library;
5) attacks by computer viruses or hackers that lead to system instability and failure;
6) excessive software installations that lead to a large number of system files. This may cause system instability, and slow processing; and
7) installation and use of various service providers that leads to system instability and failure.

It is often difficult and time consuming to identify the cause of any of the above problems. Frequently, a skilled technician is required to handle these issues, which is costly for most small and medium sized companies. Furthermore, some data may be permanently lost during a system failure, leading to financial loss to the company.

However, it is possible to identify the condition of the computer system operating environment as being in a normal or unstable state. If it is possible to maintain and back up the entire system environment when it is in a normal working condition, it will be possible to resolve the unstable system condition by restoring the normal working system environment after detection, prior to, or after system failure. A normal working operating environment can then be resumed.

There are many software maintenance, back up and recovery solutions available. In general, these solutions differ by using various methods to restore the system environment. However, none are capable of restoring dynamic data files, especially those containing user data that was modified between the last back up and the system failure. Some data loss is inevitable with known products. Such data loss may cause significant difficulties to the computer user. For example, an address book, stored email messages, and so forth may be permanently lost. This issue becomes more significant when the user does not back up or save their data files on a regular basis.

Summary of the Invention

In one aspect of the present invention there is provided a data isolation system for software and data maintenance, back up and recovery for a computer wherein dynamic data files are identified and passed into a hidden partition on a hard disk of the computer, the passing being by one or more selected from the group consisting of: copying and redirection; and preferably access control and filtering.

Automatic back ups may be made to the dynamic data files in the hidden partition whenever the dynamic data files are accessed and modified. The dynamic data files may include the computer's operating environment so that the computer's operating environment can be restored from the dynamic data files in the hidden partition. The dynamic data files in the hidden partition may include data up to the time of a failure of the computer's system.

Compression may be used for at least one file of the dynamic data files in the hidden partition, and encryption may be used for at least one of the dynamic data files in the hidden partition.

The hidden partition and its content may be neither manageable nor accessible by the computer's operating system. The dynamic data files in the hidden partition may not be accessible by any software application on the computer. Prior to copying the dynamic data files into the hidden partition, all software installed on the computer, including an operating system for the computer, may be segregated into at least one static routine and the dynamic data files, the dynamic data files including system configuration files and user data files. The segregation may comprise categorization.

All data sent from the operating system to the dynamic data files and all data sent 
from the dynamic data files to the operating system may be passed to the dynamic 
data files in the hidden partition. The dynamic data files in the hidden partition may be 
continuously updated. 

On system recovery, a last back up system environment in the hidden partition, with the copied dynamic data files, may be recovered. The dynamic data files in the hidden partition may include all data up to an instant before the recovery process was invoked, and the system environment may include the operating system and software.

Upon new software being installed in the computer, the installation may be delayed until a back up of the existing system environment to the hidden partition is completed and, after completion of the back up, the installation is resumed. If system instability or failure is encountered after the installation or running of the new application, the computer system may restore the previous operating environment from the back up.

Upon a new device driver being installed in the computer, the installation may be delayed until a back up of the existing system environment to the hidden partition is completed and, after completion of the back up, the installation is resumed and, if system instability or failure is encountered after the installation or running of the new device driver, the computer system may restore the previous operating environment from the back up.

The software application and its dynamic data files may be copied to the hidden partition as independent modules. The dynamic data files in the hidden partition may work as active data files for a software application and may be continuously updated.

The segregating or categorizing of the dynamic data files may be by use of a data isolation technique that consists of one or more of:

(a) automatic selection of a commonly used software application of the primary operating system;
(b) automatic selection of a commonly used software application;
(c) selection of a software application by a user of the computer; and
(d) selection of files or file folders by the user.

For (a), (b) and (c) all dynamic data files belonging to the software application may be automatically segregated and stored to the hidden partition. For (d) the selected files or all the dynamic data files belonging to the selected file folders may be automatically segregated and stored to the hidden partition.

An additional I/O driver may be placed between the file system I/O interface and a disk driver for access control, intercepting, filtering and re-directing data for the dynamic data files in the hidden partition. The access control, intercepting, filtering and re-directing may be by the use of regulatory, matching, and fulfillment tables. The additional I/O driver may be part of one or more of: the disk driver, the file system I/O interface, and the operating system.

The dynamic data files stored in the hidden partition may be protected. The dynamic data files stored in the hidden partition may be used as active working files and are continuously updated. The original dynamic data files stored in the main partition may also be continuously updated and may be used as mirror files.

A plurality of back-up copies of each dynamic data file in the hidden partition may be made in the hidden partition using a first-in-first-out sequence.

Upon accessing and modifying a working data file, the plurality of back-ups may be updated according to a pre-assigned back-up schedule.
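The circular first-in-first-out ring of back-up copies for one working data file, as an added Python illustration that is not the patent's own code. It assumes a ring of a fixed number of copies, a minimum spacing between copies standing in for the "pre-assigned back-up schedule", and in-memory byte strings in place of files in the hidden partition; every input below is constructed.

```python
from collections import deque
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class BackupVersion:
    taken_at: datetime
    content: bytes


class FifoBackupRing:
    """Circular FIFO of back-up copies for one active working data file.

    When all `capacity` slots are used, taking a new copy evicts the oldest
    one, so the ring always holds the most recent copies.  (Assumed design,
    not the patent's code.)
    """

    def __init__(self, capacity: int, min_interval: timedelta):
        if capacity < 1:
            raise ValueError("capacity must be at least 1")
        self.capacity = capacity
        # Stand-in for the pre-assigned back-up schedule: do not take a new
        # copy if the previous one is younger than min_interval.
        self.min_interval = min_interval
        self._ring: deque = deque(maxlen=capacity)

    def on_modify(self, content: bytes, now: datetime) -> bool:
        """Hook called when the working file is accessed and modified.

        Returns True when a new back-up copy was stored, False when the
        schedule (or unchanged content) suppressed it.
        """
        if self._ring:
            newest = self._ring[-1]
            if now - newest.taken_at < self.min_interval:
                return False
            if newest.content == content:
                return False
        self._ring.append(BackupVersion(now, content))  # deque drops the oldest if full
        return True

    def versions(self) -> list:
        """Copies held, oldest first."""
        return list(self._ring)

    def restore(self, steps_back: int = 0) -> bytes:
        """Content of the newest copy (0), the one before it (1), and so on."""
        if not 0 <= steps_back < len(self._ring):
            raise LookupError(f"no back-up copy {steps_back} steps back")
        return self._ring[-1 - steps_back].content


def demo() -> dict:
    """Drive the ring with constructed modifications ten minutes apart."""
    ring = FifoBackupRing(capacity=3, min_interval=timedelta(minutes=5))
    t0 = datetime(2003, 3, 8, 9, 0)  # constructed timestamp
    edits = [b"v1", b"v2", b"v2", b"v3", b"v4"]
    taken = [ring.on_modify(c, t0 + timedelta(minutes=10 * i)) for i, c in enumerate(edits)]
    # A further edit one minute after the last copy is refused by the schedule.
    too_soon = ring.on_modify(b"v5", t0 + timedelta(minutes=41))
    return {
        "taken": taken,
        "too_soon": too_soon,
        "held": [v.content for v in ring.versions()],
        "newest": ring.restore(0),
        "previous": ring.restore(1),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With three slots and five edits, the first copy (v1) is evicted when v4 arrives, the duplicate write of v2 and the write that arrives too soon after v4 are skipped, and the ring ends holding v2, v3 and v4 in that order.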

In another form, the present invention provides a system for management of access to a host computer by a remote computer wherein access by the remote computer is in accordance with a software security access policy in the host computer.

The software security access policy may have a file access right and control mechanism. The file access right and control mechanism may be used to selectively provide protection to selected software applications and their respective dynamic data files.

The file access right and control mechanism of the host computer by the remote computer may be controlled by the host computer and includes:

(a) selection of software applications/programs;
(b) selection of dynamic data files of the software application;
(c) selection of configuration files;
(d) selection of a data file or folder; and
(e) selection of the type of the operation to be performed by the remote computer.

The selected file, or files belonging to the selected folder, may be automatically given the access right while any others will be denied access. The file access right and control mechanism of the host computer may be pre-determined by a category of the remote host computer, and different remote computers are given different access rights for different usage. All files including program, configuration and user data may be automatically given the access right while all others are denied access.

The selected software applications and their respective dynamic data files may be identified and are located in at least one partition of the primary operating system of the host computer. Dynamic data files may be identified and passed into a hidden partition on a hard disk of the host computer, the passing being by one or more selected from the group consisting of: copying and redirection. The host computer may use diagnostic utilities to allow remote technical support by the remote computer.

In a further form the present invention provides a system for providing an external back up for at least one computer to at least one hidden partition of a centralized back up server, wherein dynamic data files of the at least one computer are identified and passed into the at least one hidden partition on a hard disk of the central back up server, the passing being by one or more selected from the group consisting of: copying and redirection.


The at least one hidden partition of the central back up server may be accessed using at least one selected from the group consisting of a: LAN, WAN, VPN, Intranet and Internet. Critical applications and their dynamic data files may be stored and protected in the at least one hidden partition of the central back up server by using encryption and are only able to be accessed by authorized users.

For both the second and third forms, the host computer may have an additional I/O driver placed between a file system I/O interface and a disk driver for access control, intercepting, filtering and re-directing data for the dynamic data files, the additional I/O driver using a secondary operating system. The access control, intercepting, filtering and re-directing may be by the use of regulatory, matching, and fulfillment tables. The additional I/O driver may be part of one or more selected from the group consisting of: the disk driver, the file system I/O interface, and the primary operating system. The secondary operating system may be different than the primary operating system. Preferably, the back up uses one of the primary operating system and the secondary operating system; and recovery uses the secondary operating system. The remote access may be through the secondary operating system.

The invention in a final aspect also provides a computer usable medium comprising computer program code that is configured to cause a processor to execute one or more functions to perform a system as described above.

All forms of the invention may be used individually, or in any possible combination.

Description of the Drawings

In order that the invention may be readily understood and put into practical effect, there shall now be described, by way of non-limitative example only, preferred embodiments of the present invention, the description being with reference to the accompanying illustrative drawings in which:


Figure 1 is a typical hard disk structure of a computer system with three partitions;
Figure 2 is a hard disk structure of a computer system with three partitions and one hidden partition;
Figure 3 is a process flow of calculating the amount of hard disk space required for the hidden partition and the availability of free hard disk space;
Figure 4 is a process flow diagram of constructing an empty hidden partition;
Figure 5 is a process flow diagram of setting up a data isolation file type table;
Figure 6 is a process flow diagram of duplicating the dynamic data files of the selected software application into the hidden partition;
Figure 7 is a structure of a regulatory table;
Figure 8 is a structure of a file access system in a typical operating system;
Figure 9 is a detail of a file access structure around the enhanced file filter driver ("FFD");
Figure 10 is a process flow diagram of the modified I/O file access operation with the FFD driver;
Figure 11 is an example of reading a dynamic data file in the hidden partition;
Figure 12 is an example of writing data into a dynamic data file in the hidden partition;
Figure 13 is an illustration of a circular first-in-first-out ("FIFO") operation for an active working data file in the hidden partition;
Figure 14 is a process flow diagram of an original full back up;
Figure 15 is an illustration of the relationship between the bitmap table and the memory blocks;
Figure 16 is an illustration of the modified in/out ("I/O") file access with FFD system interception;
Figure 17 is an illustration of the structure of the file modification table;
Figure 18 is a process flow diagram of an incremental back up;
Figure 19 is a process flow diagram of a system recovery by using original full back up;
Figure 20 is a process flow diagram of a system recovery by using incremental back up;
Figure 21 is an illustration of an automatic process flow of carrying out a temporary back up;
Figure 22 is a process flow diagram of entering into the recovery system through use of a hot key;
Figure 23 illustrates an external back up and remote recovery over a network environment;
Figure 24 is an illustration of an external back up and remote recovery over a network environment;
Figure 25 is an illustration of a first remote access control system; and
Figure 26 is an illustration of a second remote access control system.

Description of the Preferred Embodiments 

The first embodiment is a dual operating system environment for a computer system. The computer system has a primary operating system used for its normal working environment. The operating system may be, for example, a "Windows" operating system of Microsoft Corp. There is provided a separate system as a secondary operating system for software and data maintenance, back up and recovery. This separate system may be, for example, a "Linux" operating system. The data backed up may include the primary operating system and software application. The secondary operating system may be transparent to a user. The secondary operating system is placed between the primary operating system of the computer and the dynamic data files. Therefore, all data passes through the secondary operating system of the present invention. This applies to data from the operating system to the dynamic data files, and the data flow from the dynamic data files to the operating system.

Depending on the size and availability of space on the hard disk in the computer system, a hidden partition is created and used for software and data maintenance, back up and restoration. The hidden partition is preferably at least one-third of the total hard disk space. For a high-end computer system having multiple hard disks, one of the hard disks may be allocated for the exclusive use for software and data maintenance, back up and recovery.


The hard disk may be partitioned into a number of drives for proper maintenance of the primary operating system, software application, and user data files. Every partition starts with a partition table that defines the boot indicator, partition type, and other attributes. For example, the partition type defines the type of file system to be used for the operating system. With the "Windows" operating system [Windows 98, Windows 2000, Windows XP], three types of file systems, namely FAT16, FAT32 and NTFS, are supported.

There is a special flag named "hidden" in the partition table. Upon activation by the software utility routine, any partition marked "hidden" will no longer be recognized and managed by the operating system. The partition is hidden, and not accessible to the primary operating system. Data stored in the hidden partition is isolated and thus protected. Furthermore, the presence of the hidden partition will not cause problems with the computer systems.
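How a partition table carries the "hidden" marking, as an added Python illustration that is not the patent's code. In a classic MBR partition table there is no separate flag bit: a partition is hidden by switching its partition-type byte to the hidden variant of the same file system (0x07 NTFS becomes 0x17, 0x0B FAT32 becomes 0x1B, and so on), which is what the example models. The 100 GB layout is constructed to follow the page's figures, the type tables list only the common FAT/NTFS IDs, and the utility that flips the byte stands in for the patent's "software utility routine".

```python
import struct

SECTOR_BYTES = 512
SECTORS_PER_GB = 2**30 // SECTOR_BYTES  # 2,097,152 sectors per GiB

# Classic MBR partition-type IDs.  The hidden variant of each file system is
# the visible ID with bit 0x10 set; that switch is what "marking a partition
# hidden" means in a partition table.
VISIBLE_TYPES = {0x06: "FAT16", 0x07: "NTFS/HPFS", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)"}
HIDDEN_TYPES = {
    0x11: "hidden FAT12", 0x14: "hidden FAT16 <32M", 0x16: "hidden FAT16",
    0x17: "hidden NTFS/HPFS", 0x1B: "hidden FAT32", 0x1C: "hidden FAT32 (LBA)",
    0x1E: "hidden FAT16 (LBA)",
}
ENTRY_FMT = "<B3sB3sII"   # status, CHS start, type, CHS end, LBA start, sector count
TABLE_OFFSET = 446
SIGNATURE = b"\x55\xaa"


def build_entry(active: bool, ptype: int, lba_start: int, sectors: int) -> bytes:
    """One 16-byte table entry; CHS fields are left zero (LBA is authoritative)."""
    return struct.pack(ENTRY_FMT, 0x80 if active else 0x00, b"\0\0\0",
                       ptype, b"\0\0\0", lba_start, sectors)


def build_mbr(entries: list) -> bytes:
    """A 512-byte boot sector with up to four entries and the 0x55AA signature."""
    if len(entries) > 4:
        raise ValueError("an MBR holds at most four primary partitions")
    table = b"".join(entries).ljust(4 * 16, b"\0")
    return bytes(TABLE_OFFSET) + table + SIGNATURE


def parse_mbr(sector: bytes) -> list:
    """Decode the partition table; raises if the sector is not a valid MBR."""
    if len(sector) != SECTOR_BYTES or sector[510:512] != SIGNATURE:
        raise ValueError("not an MBR: bad length or missing 0x55AA signature")
    parts = []
    for index in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(
            ENTRY_FMT, sector, TABLE_OFFSET + 16 * index)
        if ptype == 0:
            continue  # empty slot
        parts.append({
            "index": index,
            "active": status == 0x80,
            "type": ptype,
            "name": HIDDEN_TYPES.get(ptype) or VISIBLE_TYPES.get(ptype, f"type 0x{ptype:02x}"),
            "hidden": ptype in HIDDEN_TYPES,
            "lba_start": lba,
            "sectors": count,
            "gb": count * SECTOR_BYTES / 2**30,
        })
    return parts


def capacity_split(parts: list) -> tuple:
    """(A', B): capacity visible to the primary OS and capacity hidden from it."""
    visible = sum(p["gb"] for p in parts if not p["hidden"])
    hidden = sum(p["gb"] for p in parts if p["hidden"])
    return visible, hidden


def set_hidden(sector: bytes, index: int, hidden: bool) -> bytes:
    """Return a copy of the MBR with entry `index` marked hidden or visible."""
    buf = bytearray(sector)
    type_offset = TABLE_OFFSET + 16 * index + 4
    ptype = buf[type_offset]
    if hidden and ptype in VISIBLE_TYPES:
        buf[type_offset] = ptype | 0x10
    elif not hidden and ptype in HIDDEN_TYPES:
        buf[type_offset] = ptype & ~0x10
    else:
        raise ValueError(f"cannot toggle partition type 0x{ptype:02x}")
    return bytes(buf)


# Constructed 100 GB layout following the page's figures: C 15 GB, D 15 GB and
# E 35 GB visible as NTFS, then a 35 GB hidden-NTFS partition at the end.
_start = 2048
SAMPLE_MBR = build_mbr([
    build_entry(True, 0x07, _start, 15 * SECTORS_PER_GB),
    build_entry(False, 0x07, _start + 15 * SECTORS_PER_GB, 15 * SECTORS_PER_GB),
    build_entry(False, 0x07, _start + 30 * SECTORS_PER_GB, 35 * SECTORS_PER_GB),
    build_entry(False, 0x17, _start + 65 * SECTORS_PER_GB, 35 * SECTORS_PER_GB),
])


if __name__ == "__main__":
    parts = parse_mbr(SAMPLE_MBR)
    for p in parts:
        print(f"slot {p['index']}: {p['name']:<20} {p['gb']:6.1f} GB  hidden={p['hidden']}")
    print("visible A' / hidden B:", capacity_split(parts))
```

Parsing the constructed sector gives A' = 65 GB visible and B = 35 GB hidden, summing to the disk capacity A of 100 GB; toggling the type byte of E moves its 35 GB from A' to B without touching the partition's start or length, which is exactly why the data stays intact while the primary operating system no longer sees it.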

Figure 1 shows a typical hard disk partition structure without a hidden partition. The hard disk 210 is partitioned into three partitions / drives named as C, D and E.

Figure 2 shows a partition structure with a hidden partition 212 for hard disk 210. One or more of the normally used partitions C, D and E are reduced in size and the balance of the disk space is used for the hidden partition 212. However, the hidden partition 212 is not recognized by the computer's operating system so the total disk space recognized by the operating system is reduced. For example, if hard disk 210 has a capacity A of 100 GB, for the embodiment of Figure 1, the C partition may have 25 GB, the D partition 25 GB and the E partition 50 GB. Once the hidden partition is created, the C partition may have 15 GB, the D partition may have 15 GB, the E partition may have 35 GB, and the hidden partition may have 35 GB. Accordingly, partitions C, D and E have a combined capacity A', hidden partition 212 has a capacity B, and capacity A is the sum of capacities A' and B. Preferably, the hidden partition 212 is at the last part of hard disk 210.

In order to construct a hidden partition 212 that has sufficient continuous free memory space, an initialization process is performed when the software is installed. This is shown in Figure 3. A pre-scan of the entire hard disk is carried out to calculate the amount of free hard disk space available for the hidden partition 212 (1). The hidden partition 212 requires a reasonable amount of free space on the hard disk 210. This may be as a percentage of the total capacity of the hard disk 210, or as a predetermined minimum amount of hard disk space. If it is as a percentage, that may be a fixed percentage, or may be on a sliding scale depending on the total capacity of the hard disk 210. For example, it may be 30% to 35% for a hard disk capacity of 100GB, but may be only 20% for a hard disk capacity of 1TB.


Assuming the hidden partition 212 requires 30% of the total hard disk space, the pre-scan determines the amount of free space on hard disk 210, as well as the total capacity of the hard disk 210. It then determines the percentage of the capacity of hard disk 210 that is free (2). If the available free hard disk space in percentage terms is less than the required amount (3) and thus is insufficient, the system will automatically halt after the pre-scan and display on the screen of a monitor a message that there is insufficient space on hard disk 210 for there to be a hidden partition 212 (4). If there is sufficient space, the system continues and constructs a hidden partition 212 (5), preferably at the last memory space of the hard disk. In order to construct a sufficient and continuous free memory space for the hidden partition, the system may rearrange the existing partitions and relocate data files from the hidden partition to another partition.
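The pre-scan of Figure 3, steps (1) to (5), as an added Python illustration that is not the patent's code. The sliding scale is an assumption fitted to the two data points the page gives (30% at 100 GB, 20% at 1 TB, linear in between); the proportional-shrink policy for the existing partitions is likewise assumed, since the page gives only one before/after layout; the disks fed to it are constructed.

```python
from dataclasses import dataclass


def required_fraction(capacity_gb: float) -> float:
    """Sliding-scale share of the disk reserved for the hidden partition.

    Assumed scale fitted to the page's two data points: 30% at 100 GB and
    20% at 1 TB, linear in between and clamped outside that range.
    """
    lo_cap, lo_frac = 100.0, 0.30
    hi_cap, hi_frac = 1000.0, 0.20
    if capacity_gb <= lo_cap:
        return lo_frac
    if capacity_gb >= hi_cap:
        return hi_frac
    t = (capacity_gb - lo_cap) / (hi_cap - lo_cap)
    return lo_frac + t * (hi_frac - lo_frac)


@dataclass(frozen=True)
class PreScanResult:
    ok: bool
    capacity_gb: float
    free_gb: float
    required_gb: float
    message: str


def pre_scan(capacity_gb: float, free_gb: float, fraction: float = None) -> PreScanResult:
    """Steps (1)-(4) of Figure 3: measure, compare with the requirement, halt or continue."""
    if capacity_gb <= 0 or not 0 <= free_gb <= capacity_gb:
        raise ValueError("free space must lie between 0 and the disk capacity")
    share = required_fraction(capacity_gb) if fraction is None else fraction
    required = capacity_gb * share
    if free_gb < required:                                             # step (3): insufficient
        return PreScanResult(False, capacity_gb, free_gb, required,
                             f"Insufficient space on hard disk for a hidden partition: "
                             f"{free_gb:.1f} GB free, {required:.1f} GB required")  # step (4)
    return PreScanResult(True, capacity_gb, free_gb, required,
                         f"{required:.1f} GB reserved for the hidden partition")    # step (5)


def shrink_partitions(sizes_gb: list, hidden_gb: float) -> list:
    """Shrink existing partitions to free `hidden_gb` at the end of the disk.

    Assumed policy: every partition gives up the same proportion, so the
    combined visible capacity A' equals the original A minus the hidden B.
    """
    total = sum(sizes_gb)
    if hidden_gb <= 0 or hidden_gb >= total:
        raise ValueError("hidden partition must be smaller than the disk")
    scale = (total - hidden_gb) / total
    return [round(s * scale, 2) for s in sizes_gb]


if __name__ == "__main__":
    for cap, free in [(100, 40), (100, 20), (1000, 250)]:   # constructed disks
        r = pre_scan(cap, free)
        print("continue" if r.ok else "halt", "-", r.message)
    print(shrink_partitions([25, 25, 50], 35))
```

A 100 GB disk with 40 GB free passes (30 GB required), the same disk with 20 GB free halts with the step (4) message, and a 1 TB disk needs only 200 GB; shrinking the page's 25/25/50 GB layout by 35 GB leaves 65 GB visible, as A = A' + B requires.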


Upon completion of the pre-scan and determination of the capacity of hard disk 210, an empty hidden partition 212 is constructed. The hidden partition cannot be accessed by the primary operating system. Figure 4 shows the detailed flow of constructing an empty hidden partition. As can be seen, after the relevant software is installed (6), the master boot routine modified and the boot routine duplicated (7), the computer system is rebooted, the attributes of the hidden file are accessed, the existing partitions are rearranged, and the hidden partition created (8). The modifications to the master boot routine ("MBR") set the hidden partition operating system as the active partition for the next boot up. This will be automatically executed by the secondary operating system. The master boot routine is again modified and the recovery system installed (9). The master boot routine is automatically modified and returned to the normal active partition that operates under the primary operating system for the next boot up. A 30-second detection of the hot key sequence is inserted after the BIOS check sequence of the normal boot routine. The recovery system environment is entered, all files are duplicated into the hidden partition, and an entry point in the hidden partition is created for entry (10). The entire operating system is then backed up, as are all dynamic data files according to the data isolation file type table (11). The computer is rebooted and the normal operating system environment entered (12). The file filter driver ("FFD") is installed and the operating system returns to normal (13).

To identify dynamic data files within the operating system, the software inventory of the computer is obtained. Dynamic data files may include system or software configuration files, and user data files. After collecting the software inventory of the computer, the dynamic data files determined from the inventory are backed up into the hidden partition.

Preferably, all the I/O operations in the system are monitored. Any I/O operation to access the dynamic data files will be redirected to the active working dynamic data files in the hidden partition. As a result, the active working copy of the dynamic data files is copied from the original document files on the hard disk to the duplicated document files in the hidden partition during installation of the secondary operating system. Furthermore, the secondary operating system will automatically perform a back up to the duplicated dynamic active working data files in the hidden partition whenever and as the files are modified.


To create a user data isolation file type table the process flow of Figure 5 is followed. Due to differences in hardware and operating systems, and also users' different use requirements, which of the software applications and their respective data files are important to different users will vary. As such, a method of identifying and separating the dynamic data files of the important software application files is used. This may include one or more of four ways:

(a) Through analysis and segregating the common applications of the operating system. The most commonly used applications of a "Windows" operating system are set out in Table 1.

Table 1

Type | Definition | Characteristic | Status
Address book | Address book of Windows OS | These files (*.WAB) are stored in a specific place of the operating system. Users go through the registry to obtain its location. | Very important
Email | Emails in Outlook Express | By default, it is stored in the operating system. When a system failure occurs, all email is lost. User goes through the registry to obtain its location. | Very important (some users may use other email software)
Favorites | Store the bookmarks of user's favorite URLs. | By default, it is stored in the operating system. User goes through the registry to obtain its location. | Very important (some users may use other browsers)
My Document | System default file directory. It includes My Music, My Picture, etc. | Stored together with the operating system. When a system failure occurs, the files stored under this directory may be lost or corrupted. | Very important
My Desktop | | Stored together with the operating system. When a system failure occurs, all the files stored in this directory will be lost. | Very important
Character Set | | Stored together with the operating system. When a system failure occurs, all the data will be lost. | Very important
User defined Character Set | | Stored together with the operating system. When system failure occurs, all data will be lost. | Very important
Cookies | Store in system default location. | Stored together with the operating system. When a system failure occurs, all data will be lost. | Very important



(b) Through analysis and segregating the commonly used software applications. The most commonly used applications are in Table 2.

Table 2

Type | Application | Characteristic | Status
Word Processing | MS Word | This is the most commonly used word processing software. It supports the .doc, .rtf and .dot formats. | Very important
Word Processing | WordPerfect | It supports the .wpd and .doc formats. | Normal
Spreadsheet | MS Excel | This is the most popular spreadsheet software in MS Office. Its file extension is .xl*. | Very important
Electronic Email | MS Outlook | It is the most popular email system in MS Office. Its file extension is .pst. | Very important
Electronic Email | Lotus cc:Mail | A popular email system mainly used in offices. | Normal
Database | MS Access | This is the database software in MS Office. Its file extension is .mdb. | Very important
Utilities | WinZip | This is the most popular data compression software. It supports .zip, .arj, etc. formats. | Very important
Utilities | McAfee's Anti-Virus | Popular anti-virus software. | Normal
Utilities | Norton's Anti-Virus | Very popular anti-virus software. | Normal
Web Page Development & Browsers | MS Internet Explorer | Very popular Internet browser. It supports htm, html, xml, asp, etc. formats. | Normal
Web Page Development & Browsers | Netscape | Popular Internet browser. It supports htm, html, jsp, etc. formats. | Normal
Web Page Development & Browsers | MS FrontPage | Popular html production tool. It supports htm, html and asp formats. | Normal
Personal Communications | MSN Messenger | |
Personal Communications | Yahoo Messenger | |
Personal Communications | ICQ | |
Personal Communications | AOL Instant Messenger | |



(c) Through analysis and segregating unknown software applications. For software applications not listed in Table 2, the software registration table is checked to determine any such unknown software application and its respective data for data isolation.

(d) Through analysis and segregating user-defined data files. The user may define data file types, or folders, for protection. This is shown in Table 3.



Table 3

Type | Definition | Characteristic
File | Single file | Specific file name
File | Particular type of files | All files with this extension. They can be distributed in various partitions.
File Folder | A specific file folder | All files under this directory will be duplicated into the hidden partition. All the subsequent files stored into this directory will also automatically be duplicated into the hidden partition.
As can be seen from Figure 5, the inventory of the software on the computer is conducted (14) and the user's data isolation file type table is created (15) in accordance with one or more of (a) to (d) above. As shown, a combination of (a) in step 15, (b) in step 16, (c) in step 18 and (d) in step 19 is used. The table is then constructed (31).

Upon completion of creation of the empty hidden partition and the user data isolation file type table, a duplicate copy of the data files of the selected software application will be copied into the hidden partition. Figure 6 shows the detailed process flow of this. After accessing the user data isolation file type table (33), the same file structure is constructed in the hidden partition (20). A check is performed (21) and, if completed, the construction of the hidden partition is concluded (22). By using the same file structure in the hidden partition, links can be provided between software static routines and their associated dynamic data files.

It is possible to add or delete data file types in the data isolation file type table, especially when there is a change in the user operating environment. The data isolation file type table is preferably stored in the hidden partition to prevent corruption.

As shown in Figure 5 and described above, there are two types of pre-defined applications for data isolation. One is the pre-defined common applications of the operating system, (a) as described above. The other is the pre-defined common software applications, (b) as described above. They may be the same. During installation of the software and data maintenance, back up and recovery system, the system will automatically analyse the user operating and software environment, and use the pre-defined user data isolation file type table for data isolation. Subsets (a) and (b) of the data isolation file type tables may be used to determine data in commonly used applications of operating systems and software applications.

Through the FFD routine, the system is able to intercept the I/O file access 
operation to obtain the file attributes and the operation of all files loaded into the computer, 
or being sent from the computer. This is shown in Table 4. 

Table 4 

Type               | Content           | Remark 
-------------------+-------------------+--------------------------- 
Attribute of file  | Path of file      | e.g. C:\My Documents\1.doc 
                   | Name of file      | 1.doc 
                   | Extension of file | doc 
                   | Size of file      | 12.284M 
                   | Modification time | 2003/3/8 
Operation of file  | Read              | 
                   | Write             | 
                   | Modify            | 
                   | Rename            | 
                   | Move              | 
                   | Delete            | 




(a) Regulatory table 

During installation of the FFD routine, the regulatory table is read and stored. 
Subsequent accessing of the regulatory table is an internal operation of the system, to 
allow a faster system response. Figure 7 shows the structure of the regulatory table. 
For each regulation (23, 24, 25, 26) there is the length of the regulation (27), the matching 
regulation (28), the matching type (29), and the fulfillment of matching (30). 

(b) Matching regulation (28) 

When a file operation is intercepted by the FFD routine, the FFD routine obtains the 
attributes of the file and uses them to perform matching against the pre-defined 
regulatory table. Once a match is fulfilled, it executes accordingly. Otherwise, it 
passes the file access operation back to the operating system for processing by the 
operating system. 

(c) Fulfillment of matching (30) 

When a matching condition is fulfilled, it executes accordingly. This is shown in 
Table 5. 



Table 5 

Type          | Scope                                   | Detail 
--------------+-----------------------------------------+------------------------------------------ 
Re-direction  | Including all the I/O operations of     | Read/write, rename, delete, move, etc. 
              | this file                               | attributes. 
Log file      | Record the changes to this file in the  | Change time, location, type of operation 
              | log file (File Modification Table)      | (write, rename, delete, move, etc.). 
Reservation   | Reserved for future expansion           | 




(d) Pre-defined Data Isolation File Type [commonly used applications of the 
operating system] Reference Table 

According to the user data isolation file type table, the system is able to pre-determine 
the reference table of commonly used applications of the operating system, as shown 
in Table 6. 

Table 6 

No. | Application      | Matching Regulation                                               | Action       | Remark 
----+------------------+-------------------------------------------------------------------+--------------+--------------------------------------------------- 
1   | Address Book     | C:\Documents and Settings\%UserName%\Application Data\Microsoft\  | Re-direction | %UserName% refers to the existing registered user 
    |                  | Address Book\%UserName%.wab                                       |              | 
2   | Email            | The registry can be used to obtain the stored location of *.dbx   | Re-direction | 
3   | Favorites        | C:\Documents and Settings\%UserName%\Favorites                    | Re-direction | %UserName% refers to the existing registered user 
4   | My Documents     | C:\Documents and Settings\%UserName%\                             | Re-direction | %UserName% refers to the existing registered user 
5   | My Desk          | C:\Documents and Settings\%UserName%\Desk                         | Re-direction | %UserName% refers to the existing registered user 
6   | Character Set    | C:\WINDOWS\Fonts                                                  | Re-direction | 
7   | User defined     | Distributed in C:\Documents and Settings\Administrator\           | Re-direction | 
    | Character Set    | Application Data\                                                 |              | 
8   | Cookies          | C:\Documents and Settings\%UserName%\Cookies                      | Re-direction | %UserName% refers to the existing registered user 


(e) Pre-defined Data Isolation File Type [common software application] Reference 
Table 

According to the user's data isolation file type table, it is possible to pre-determine 
the common software application reference table, as shown in Table 7. 

Table 7 

No. | Application             | Data file extension                                  | Action       | Remark 
----+-------------------------+------------------------------------------------------+--------------+---------------------------------- 
1   | Word Processing         | *.DOC, *.RTF, *.DOT                                  | Re-direction | 
2   | Spreadsheet             | *.XL?                                                | Re-direction | 
3   | Electronic Mail         | *.PST, ...                                           | Re-direction | 
4   | Database                | *.MDB                                                | Re-direction | 
5   | Utilities               | *.ZIP, *.ARJ, *.RAR, including all files related to  | Re-direction | 
    |                         | anti-virus applications                              |              | 
6   | Web Page Development    | *.HTM, *.HTML, *.XML, *.ASP                          | Re-direction | Need to protect all the related 
    | & Browsers              |                                                      |              | files in the active partitions. 
7   | Personal Communications | Need special customization                           | Re-direction | 




After duplicating the dynamic data files of the selected software applications into the 
hidden partition, the dynamic data files in the hidden partition are assigned as the active 
working files and are continuously updated. An I/O file filter driver (the FFD) may be 
added to the existing operating system to enable this to happen. All file accesses 
in the operating system are monitored and interpreted. 

All accesses to the dynamic data files in the operating system (those not in the hidden 
partition) are handled by the operating system in their original location. All 
accesses to dynamic data files in the hidden partition are re-directed by the system 
to the hidden partition to enable direct access to those files. This re-direction process 
to access the protected files in the hidden partition is automatic, and is preferably 
transparent to the user. The original copy of the dynamic data file on the main hard 
disk is retained as a mirror file and continuously updated. 

Figure 8 shows the file system access structure with the operating system application 
32, such as, for example, "Windows", MS-DOS and Win32 applications. The 
software application 32 operates in user space. Under the structure in the 
kernel space, an add-in enhanced FFD 36 is inserted between the file system I/O 
interface 35 and the NT file system, FAT file system, CD-ROM file system, and so 
forth, 34. The file system 34 instructs and reacts to data from the disk driver 37. The FFD 
36 is capable of monitoring and intercepting all system and user I/O operations, 
including read/write, rename, delete, and so forth, to files. The FFD 36 is also capable 
of selectively accepting or rejecting access to files under protective isolation. This is 
particularly useful in remote file access management. Any other IFS drivers (37) are 
in parallel with the FFD (36). 

Figure 9 shows the file access structure around the FFD driver. The FFD driver 
interacts with I/O file access (39); the regulation table (40), including matching regulation 
(28), matching type (29) and fulfillment of matching (30); the file modification table (41); 
and hidden partition access (42). The regulation table (40) interacts with the data 
isolation file type table (38). 

As shown in Figure 10, when the operating system intends to open an existing file or 
create a new file, the request is intercepted by the FFD, which accesses the file (42) 
and obtains the attributes of the file (43). The FFD 36 inspects the intention of the 
request and checks (44) it against the data isolation file type table (45) stored in the hidden 
partition. If the requested file or file type is protected, the I/O operation request 
(39) is intercepted and handled by the FFD (36) by accessing the hidden partition 
(46) and thus the files (48). Otherwise, the operation is handed over to the 
Windows I/O driver for completion (47). 

Figure 11 shows an example of an attempt to read a protected file named 1.doc. 
Here, upon receipt of the access request (49), the FFD intercepts the request (50) and 
detects the presence of the file in the hidden partition (51). The FFD then accesses 
(52) the file in the hidden partition and reads (53) the content of the file in the hidden 
partition. 


Figure 12 shows an example of an attempt to write a protected file 
named 1.doc. Again, upon receipt of the request (54), the FFD intercepts the call (55) 
and detects the presence of the file in the hidden partition (56). The FFD then writes 
(57) the data to the file in the hidden partition. 

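
The decision path of Figures 10 to 12 can be modelled in a few dozen lines. The following is an added illustration, not code from the patent: each intercepted file operation is checked against a regulatory table built in the spirit of Tables 6 and 7, a matching regulation either redirects the operation to the mirrored path in the hidden partition (the same file structure, per Figure 6) or records it in the log, and an unmatched operation is passed to the operating system unchanged. The drive letter assumed for the hidden partition (H:), the particular regulations, the "log" rule for *.tmp files and the sample requests are assumptions made for this example.

```python
"""Model of the FFD decision path in Figures 10 to 12. Every intercepted
file operation is checked against the regulatory table; a matching
regulation either redirects the operation into the hidden partition
(which mirrors the directory layout of the active partition, Figure 6)
or records it in the log, and an unmatched operation is passed to the
operating system unchanged.

Added illustration, not the patent's code. The drive letter of the
hidden partition, the rule set and the sample requests are assumptions."""
from dataclasses import dataclass
from fnmatch import fnmatch
import ntpath

HIDDEN_ROOT = "H:\\"   # assumed drive letter under which the hidden partition is reachable


@dataclass(frozen=True)
class Regulation:
    pattern: str      # matching regulation (28): a path prefix or a file-name glob
    match_type: str   # matching type (29): "prefix" or "glob"
    action: str       # fulfilment of matching (30): "redirect" or "log"


@dataclass(frozen=True)
class FileRequest:
    path: str         # attribute of file (Table 4): full path
    operation: str    # operation of file (Table 4): read, write, rename, ...


# Regulations in the spirit of Tables 6 and 7. %UserName% is expanded at
# match time. The *.tmp "log" rule is this example's own assumption.
REGULATORY_TABLE = [
    Regulation(r"C:\Documents and Settings\%UserName%\Favorites", "prefix", "redirect"),
    Regulation(r"C:\Documents and Settings\%UserName%\Cookies", "prefix", "redirect"),
    Regulation("*.doc", "glob", "redirect"),
    Regulation("*.xl?", "glob", "redirect"),
    Regulation("*.tmp", "glob", "log"),
]


def matches(rule, request, user):
    """Case-insensitive match of one regulation against the file attributes."""
    path = request.path.lower()
    pattern = rule.pattern.replace("%UserName%", user).lower()
    if rule.match_type == "prefix":
        return path.startswith(pattern)
    if rule.match_type == "glob":
        return fnmatch(ntpath.basename(path), pattern)
    raise ValueError("unknown matching type %r" % rule.match_type)


def hidden_path(path):
    """Same file structure in the hidden partition: swap the drive, keep the rest."""
    _, rest = ntpath.splitdrive(path)
    return ntpath.join(HIDDEN_ROOT, rest.lstrip("\\"))


def decide(rules, request, user, log):
    """Return (action, effective_path) for one intercepted request.

    The first matching regulation wins. "redirect" sends the operation
    to the mirrored path in the hidden partition; "log" records it in
    the file modification table (here, a list) and lets it through;
    anything unmatched is handed back to the operating system as is."""
    for rule in rules:
        if not matches(rule, request, user):
            continue
        if rule.action == "redirect":
            return "redirect", hidden_path(request.path)
        if rule.action == "log":
            log.append((request.operation, request.path))
            return "pass", request.path
    return "pass", request.path


def demo(user="alice"):
    """Run a constructed batch of requests through the table."""
    log = []
    requests = [
        FileRequest(r"C:\Documents and Settings\alice\Favorites\news.url", "read"),
        FileRequest(r"C:\My Documents\1.doc", "write"),
        FileRequest(r"C:\Work\budget.xls", "read"),
        FileRequest(r"C:\WINDOWS\Temp\~df3a.tmp", "write"),
        FileRequest(r"C:\WINDOWS\system32\kernel32.dll", "read"),
    ]
    return [decide(REGULATORY_TABLE, r, user, log) for r in requests], log


if __name__ == "__main__":
    decisions, log = demo()
    for action, path in decisions:
        print(action, path)
    print("logged:", log)
```

Two points the patent's prose leaves implicit are visible here: matching has to be case-insensitive on a Windows path, and the redirect target is computed purely from the original path, which is what makes the mirror in the hidden partition and the copy on the main disk line up file for file.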

In the hidden partition, all the dynamic data files are backed up whenever they are 
accessed and modified. The back up system maintains up to three back up copies 
of each dynamic data file in the hidden partition in first-in-first-out (FIFO) sequence. 
More back up copies or roll back points for every dynamic data file are possible, but 
would require more memory space to be reserved for the hidden partition. By default the 
recovery system uses the last back up for recovery. However, it is also possible for 
a user to select a previous data file back up in the circular FIFO for recovery, for 
example to restore a previous data file that has been overwritten without a back up 
being made. 


Figure 13 shows a detailed FIFO buffer of a dynamic data file in the hidden partition. 
Every data buffer consists of one working and three back up data files. In the FIFO, 
the [N] copy of the data file always contains the up-to-date data file as the working 
data file. Upon accessing and modifying the working data file, the [N-2] copy of the 
FIFO is updated to have the same content as the modified working data file 
according to the pre-assigned back up schedule; this may be set in terms of weeks, 
days, hours or minutes. This [N-2] copy of the FIFO is reassigned as the [N] copy. The 
old [N] and [N-1] copies become the [N-1] and [N-2] copies respectively. 
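
The rotation of Figure 13, as an added illustration that is not part of the patent: three slots per protected file, the oldest slot overwritten on each scheduled back up and relabelled [N], with recovery from [N] by default or from an older slot on request. The edit history is constructed to show the case the text mentions, a working file overwritten (here, truncated to nothing) and then backed up on schedule, so that the default [N] copy is useless and [N-1] is the one to restore; the slot count of three and the sample contents are this example's own.

```python
"""Model of the per-file FIFO of Figure 13. The hidden partition keeps
three back up slots for each protected dynamic data file: [N] is the most
recent copy, [N-1] and [N-2] are older. On every scheduled back up the
oldest slot, [N-2], is overwritten with the current working file and
becomes the new [N]; the old [N] and [N-1] slide to [N-1] and [N-2].
Recovery uses [N] by default, but any slot can be chosen.

Added illustration, not the patent's code. The sample edit history is
constructed for the example."""
from collections import deque


class BackupFifo:
    DEPTH = 3   # [N], [N-1], [N-2]

    def __init__(self):
        # index 0 is [N], index DEPTH-1 is [N-2]; maxlen drops [N-2] on overflow
        self.slots = deque(maxlen=self.DEPTH)

    def backup(self, working_content):
        """Scheduled back up tick: the oldest copy is reused for the newest."""
        self.slots.appendleft(working_content)

    def copy(self, age=0):
        """age 0 -> [N], 1 -> [N-1], 2 -> [N-2]."""
        if age < 0 or age >= len(self.slots):
            raise IndexError("no back up copy at [N-%d]" % age)
        return self.slots[age]

    def recover(self, age=0):
        """Default recovery uses the last back up; older slots on request."""
        return self.copy(age)

    def labelled(self):
        """Human-readable view: {'[N]': ..., '[N-1]': ..., '[N-2]': ...}."""
        return {"[N-%d]" % i if i else "[N]": c for i, c in enumerate(self.slots)}


def demo():
    fifo = BackupFifo()
    for working in ("draft v1", "draft v2", "draft v3"):
        fifo.backup(working)          # after this: [N]=v3, [N-1]=v2, [N-2]=v1
    fifo.backup("")                   # an accidental overwrite is backed up too:
                                      # [N]="", [N-1]=v3, [N-2]=v2; v1 is gone
    return fifo.recover(), fifo.recover(1), fifo.labelled()


if __name__ == "__main__":
    latest, previous, view = demo()
    print("default recovery gives:", repr(latest))
    print("[N-1] gives:", repr(previous))
    print(view)
```

The example also shows the limit the text acknowledges: with three slots, a bad save that is followed by two scheduled back ups pushes every good copy out of the ring, so the back up schedule interval, not only the slot count, bounds how far back a user can roll.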
As mentioned, the purpose of applying the data isolation technique to the software and data 
maintenance, back up and recovery system is to recover the data lost during a system 
failure. If the system can maintain and back up the entire system environment when it 
is in a normal working condition, the system can always resolve an unstable or failed 
system condition by restoring the normal working system environment after detection, 
prior to, or after, system failure. A normal working operating environment is then 
resumed. 

In general, software (including the operating system) and data maintenance, back up and 
recovery consist of two processes: 

(1) maintenance and back up of software, including the operating system, and data 
to the protected hidden hard disk partition; and 

(2) recovery and restoration of the software and operating system from the 
protected hidden hard disk partition. 

Three different back up types may be supported, as shown in Table 8: 

Table 8 

Type                  | Usage                                    | Details 
----------------------+------------------------------------------+---------------------------------------------------------------- 
Original full back up | Conduct an original full back up         | Back up a complete copy of the user operating system, software 
                      | initially.                               | and data of the present environment in the active partitions 
                      |                                          | into the hidden partition according to the track format of the 
                      |                                          | hard disk. 
Incremental back up   | This is an incremental back up with      | Back up the differences (e.g. modified files, additional new 
                      | reference to the original full back up.  | files and remarked deleted files) between the original full 
                      | It can also include the temporary back   | back up and the existing operating environment into the hidden 
                      | up in this back up if required.          | partition in compressed format. 
Temporary back up     | This is the latest incremental back up   | Back up the differences (e.g. modified files, additional new 
                      | of the system.                           | files and remarked deleted files) between the last incremental 
                      |                                          | back up and the existing operating environment into the hidden 
                      |                                          | partition in compressed format. 

Upon installation of the software and data maintenance, back up and recovery 
system, an original full back up is performed. 

As shown in Figure 14, the original full back up is based on the block level of the hard 
disk. Before back up, the hard disk is scanned (58) to identify those blocks that contain 
data. A record is created (59) and the MBR is backed up (60). The attributes of the file 
system and memory blocks are accessed (61) and a scan is conducted of all active 
partitions to obtain the existing condition of all memory blocks and their bitmap table 
(62). These blocks are backed up (63), compressed (64) and stored in the hidden 
partition (65). Empty blocks are not backed up. This greatly improves the 
efficient usage of the hidden partition. 


Figure 15 shows the relationship between the bitmap table and the memory blocks. 
The bitmap table contains the status of every memory block. If the block contains 
data, its respective bitmap bit is 1; otherwise it is 0. 
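
The block-level full back up of Figures 14 and 15, as an added illustration that is not the patent's code: scan the partition image block by block to build the bitmap, compress only the marked blocks into the back up, and restore by walking the same bitmap so that skipped blocks come back as zeros. The 16-byte block size (chosen so the sample fits on a page; real disks use 512 or 4096 bytes), the "all zero bytes means empty" test and the six-block sample image are assumptions of the example.

```python
"""Block-level full back up of Figures 14 and 15. The active partition is
scanned block by block to build a bitmap (1 = block holds data, 0 = empty),
only the marked blocks are compressed into the hidden partition, and
recovery writes them back by walking the same bitmap, leaving empty blocks
as zeros.

Added illustration, not the patent's code. Block size and sample image
are constructed so the example stays small."""
import zlib

BLOCK_SIZE = 16   # assumed block size for the example (real disks use 512 or 4096)


def scan_bitmap(image):
    """Step 62: one entry per block; a block is empty when it is all zero bytes."""
    blocks = [image[i:i + BLOCK_SIZE] for i in range(0, len(image), BLOCK_SIZE)]
    return [0 if block.count(0) == len(block) else 1 for block in blocks]


def full_backup(image):
    """Steps 63 to 65: keep only the non-empty blocks, compressed, plus the
    bitmap and the image size needed to lay them out again."""
    bitmap = scan_bitmap(image)
    kept = b"".join(image[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE]
                    for i, bit in enumerate(bitmap) if bit)
    return {"bitmap": bitmap, "size": len(image), "data": zlib.compress(kept)}


def restore(backup):
    """Step 90 of Figure 19: rebuild the image according to the bitmap.
    An all-zero block that was skipped comes back identical, so skipping
    'empty' blocks loses nothing."""
    kept = zlib.decompress(backup["data"])
    out = bytearray(backup["size"])
    cursor = 0
    for i, bit in enumerate(backup["bitmap"]):
        if bit:
            out[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE] = kept[cursor:cursor + BLOCK_SIZE]
            cursor += BLOCK_SIZE
    return bytes(out)


def stored_blocks(backup):
    """How many blocks actually occupy space in the hidden partition."""
    return sum(backup["bitmap"])


def sample_image():
    """Constructed six-block 'disk': blocks 1, 3 and 4 are empty."""
    return (b"MBR + partition " + bytes(BLOCK_SIZE)
            + b"1.doc contents. " + bytes(2 * BLOCK_SIZE)
            + b"last used block.")


if __name__ == "__main__":
    image = sample_image()
    backup = full_backup(image)
    print("bitmap:", backup["bitmap"], "blocks stored:", stored_blocks(backup))
    print("round trip ok:", restore(backup) == image)
```

The bitmap, not the compressed payload, is what makes the restore lay out correctly, so in a real implementation it needs the same protection as the data it indexes; a corrupted bitmap silently shifts every later block.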

Incremental back up operates under the normal operating environment of the 
computer. It can be invoked either by the intent to carry out an incremental back up, 
or automatically when the operating system detects that new software or a hardware 
driver is being installed. Under incremental back up, the system backs up the 
differences, with a special listing record file, between the original back up environment 
and the current operating environment, and the back up is to the protected hidden 
partition. All modified and additional document files are backed up and remarked in 
the special file. All the missing document files are recorded and remarked in the 
special file. 

As shown in Figure 16, after the original full back up (Figure 14) and entry into the 
operating system, the add-in FFD starts to monitor and intercept (67) all the I/O file 
access (66) operations by the operating system. If the accessed file is protected in the 
hidden partition (68), it automatically re-directs (69) the access to the hidden 
partition. If the accessed file is a system file, it is (70) handed over to the operating 
system (71) for operation. If the accessed file is unprotected and classified as a 
neglected file type (e.g. system swap file, *.tmp files, and so forth) (72), it records 
(73) the name of this file into the "file modification table" stored in the hidden partition, 
and sends the file to the operating system for operation (74). 
The file modification table is shown in Figure 17. Through the FFD, the system obtains 
the information on file changes and then records these changes into the file modification 
table as follows: 

(a) type of operation (75): Write, Rename, Delete or Move; 

(b) time of change (76); 

(c) directory path and file name (77); and 

(d) destination directory path and file name (78) (used for change of path or rename). 

As shown in Figure 18, the incremental back up (79) is based on the changes in the 
file modification table, with the changes being backed up in compressed format to the 
hidden partition. During the incremental back up, all system operations must be 
suspended (80) until the back up is completed. The file modification table is accessed 
(81) and all required files are compressed and backed up (82). 

The temporary back up is the same as the incremental back up. It is always the last 
incremental back up of the system. 
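
How a file modification table in the shape of Figure 17 turns into the incremental back up of Figure 18, as an added illustration and not the patent's code: the entries are replayed in time order to work out which files must be compressed into the hidden partition and which must be remarked as missing, following rename and move chains so a file is backed up once under its final name rather than under every name it has carried. The sample table, the dict that stands in for the active partition, and the convention that a renamed-away source path counts as missing are assumptions of the example.

```python
"""The file modification table of Figure 17, replayed into an incremental
back up (Figure 18). Each entry records the type of operation (75), the
time of change (76), the directory path and file name (77) and, for rename
or move, the destination path (78). Replaying the entries in time order
yields the files whose current contents must be compressed into the hidden
partition and the files to be remarked as missing, with rename and move
chains followed so the back up records each file under its final name.

Added illustration, not the patent's code. The sample table and the dict
standing in for the active partition are constructed for this example."""
from collections import namedtuple
import zlib

Entry = namedtuple("Entry", "op time path dest")   # (75) (76) (77) (78)


def replay(entries):
    """Return (to_backup, missing), both sorted, from a modification table."""
    changed = set()    # paths whose current contents need backing up
    missing = set()    # paths that existed but are now gone or renamed away
    for e in sorted(entries, key=lambda entry: entry.time):
        op = e.op.lower()
        if op == "write":
            changed.add(e.path)
            missing.discard(e.path)
        elif op in ("rename", "move"):
            changed.discard(e.path)          # contents now live under the new name
            changed.add(e.dest)
            missing.add(e.path)
            missing.discard(e.dest)
        elif op == "delete":
            changed.discard(e.path)
            missing.add(e.path)
        else:
            raise ValueError("unknown operation %r" % e.op)
    return sorted(changed), sorted(missing)


def incremental_backup(entries, filesystem):
    """Steps 81 and 82: read the table, compress every file it says changed.
    `filesystem` maps path -> bytes and stands in for the active partition."""
    to_backup, missing = replay(entries)
    archive = {path: zlib.compress(filesystem[path]) for path in to_backup}
    return archive, missing


def restore_file(archive, path):
    """Recover one file's contents from the compressed incremental back up."""
    return zlib.decompress(archive[path])


# Constructed sample: a document written, renamed and edited again; a note
# written then deleted; a spreadsheet moved to another folder.
SAMPLE_TABLE = [
    Entry("Write",  "2003/03/08 09:00", r"C:\My Documents\1.doc", None),
    Entry("Write",  "2003/03/08 09:05", r"C:\My Documents\notes.txt", None),
    Entry("Rename", "2003/03/08 09:10", r"C:\My Documents\1.doc", r"C:\My Documents\report.doc"),
    Entry("Write",  "2003/03/08 09:20", r"C:\My Documents\report.doc", None),
    Entry("Delete", "2003/03/08 09:30", r"C:\My Documents\notes.txt", None),
    Entry("Move",   "2003/03/08 09:40", r"C:\Work\budget.xls", r"C:\Archive\budget.xls"),
]

# Constructed stand-in for the active partition after those operations.
SAMPLE_FS = {
    r"C:\My Documents\report.doc": b"quarterly report, revised",
    r"C:\Archive\budget.xls": b"Q1 figures",
    r"C:\WINDOWS\system32\kernel32.dll": b"untouched system file",
}


if __name__ == "__main__":
    archive, missing = incremental_backup(SAMPLE_TABLE, SAMPLE_FS)
    print("backed up:", sorted(archive))
    print("remarked missing:", missing)
```

Replaying rather than dumping the raw table is what keeps the incremental back up small: the three writes and one rename on the document produce a single compressed copy of report.doc, and notes.txt, which no longer exists, is recorded only as missing.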



After installation of a new software application or hardware driver that results in 
instability or failure of the computer system, the recovery process is invoked to restore 
the original stable state. Regardless of which of the three types of back up has been 
previously used, any type of back up can be selected for recovery. 

There are two ways that a user can select to restore the normal operating 
environment when the computer encounters a system failure: 

(1) use a pre-assigned key such as, for example, F12, as a hot key during power 
up to enter into the recovery operating environment directly; and 

(2) invoke the recovery process from the operating system, and the operating 
system will automatically restart the computer in the recovery operating 
environment. 

Figure 19 shows the process flow for the system to enter into the recovery 
system upon detection of the hot key being pressed during power up. During power up (either 
initially or at restart) (86), it detects (87) that the hot key has been pressed. In the 
recovery system environment, the user can select (88) one of the three types of back 
up for recovery. During recovery, it first accesses the original full back up 
(89) in the hidden partition, then restores the backed up operating system to the active 
partition (90) according to the bitmap table. Then it inspects the data isolation file 
type table in the hidden partition (91) and checks the respective files in the active 
partitions (92). If it discovers missing files in the active partitions (93), it copies back 
the files from the hidden partition to their respective locations in the active partition (94) and then 
restarts the computer (95). If there are no missing files, it proceeds directly to the 
restart (95). 

Figure 20 shows the process flow of restoring the computer system by using an 
incremental back up. The process flow of restoring the computer system by using an 
incremental back up, or a temporary back up, is the same. After restarting the 
computer (96), either as a reboot or initial start, the pressing of the hot key is detected 
(97) and incremental back up is selected for recovery (98). The file record table of the 
full back up on the hidden partition is accessed (99) and a scan is conducted to gather 
all file record tables (100). If there are any missing files from the record table with 
reference to the full back up (101), restoration proceeds from the original full back up 
(102). The file record table of the selected incremental back 
up is then accessed (103) and the data isolation file type table accessed (104). From that 
table are extracted those files from the existing system (105). If there are no missing 
files (106), the computer is restarted and the normal operating system entered (108). 
If there are missing files, the missing files are copied from the hidden partition to the 
active partition (107), the computer is restarted and the normal operating system re- 
entered (108). The restoration ends (109). 

Through the system recovery, the operating system and software are recovered 
from the hidden partition and copied to the active partitions while retaining all data in 
its latest status. The normal operating system environment is restored from the 
previous state when a system failure occurs. 

When using the original full back up for recovery, any previous incremental back up (if 
present) is not deleted. 


Many system instabilities or failures are caused by installing an unstable hardware 
driver, or an unsuitable software application. The software and data maintenance, 
back up and recovery system has an automatic mechanism as shown in Figure 21. 
Once the system detects the installation of a new software application or hardware 
driver in the computer system (110), it automatically suspends the installation (111) 
and performs a back up of the existing system environment (112). After completion of 
the back up (113), it resumes the installation. Subsequently, if system instability or 
failure is encountered (114) after the installation or running of the new application, the 
computer system can easily restore the previous operating environment from the 
last back up. 

When the primary operating environment is damaged, it is still possible to restore the 
operating environment with an up-to-date data file system. 

Figure 22 shows the detailed process flow diagram of the hot key invoking a system 
recovery. 

As mentioned earlier, the master boot routine is automatically modified after the 
installation of the software and data maintenance, back up and recovery system. After 
powering up the computer (115), the normal power-up sequence of the computer 
system is redirected to the recovery system for a predetermined time, such as, for 
example, 30 seconds after the BIOS check routine (116). The system enters into 
the recovery operating environment (121) for system recovery upon detection of the 
hot key (117, 120). Otherwise (118), it resumes the normal power-up process 
and enters into the operating system (119) environment. 

The software and data maintenance, back up and recovery in a stand-alone computer 
system may be extended to an external storage server within a 
communication network. 

This data isolation technique may perform software and data maintenance, back up 
and recovery in an external computer system within a communication network. 


The structure of a computer network consists of a host and a remote computer system 
connected by the Internet, a LAN, a WAN, an Intranet, and so forth. A remote 
computer system may use its remote access management routine [remote version] to 
access and control the host computer system with a remote access management 
routine [host version]. 

There are two ways a host computer system can be connected to the Internet. The 
first is a direct connection of the host computer system to the Internet, as shown in 
Figure 23. The second is a host computer system within a LAN or the like, which 
is in turn connected to the Internet, as shown in Figure 24. 

Figure 23 shows the situation where the host computer systems are directly 
connected to the Internet. The host computer systems are typically individuals or 
small business users who use dial-up modems, or xDSL, to connect to the Internet. In 
general, the IP address of the host computer systems is dynamic. 

Upon being connected to the Internet, the host computer system sends its assigned 
IP address and remote access policy to the name server and security server, 
respectively. It is only after the determination of the IP address and access policy of 
the host computer system that the remote computer system is able to connect to 
the host computer system. 

Figure 23 also shows that the remote computer system can be connected to the Internet 
directly, or within a LAN that is connected to the Internet. 

Figure 24 shows the host computer system within a LAN. As the host computer 
system does not have a WAN IP address, there is a gateway server in the LAN. The 
gateway server has a static IP address. Hence, the remote computer system can 
connect directly to the gateway server to access the name server and security server 
in the LAN. The gateway server then establishes the connection between the 
remote computer system and the host computer system. 

In the case where a LAN uses a dynamic IP address to access the Internet, the 
gateway server updates its IP address and access policy with the external name 
server and security server respectively when it is connected to the Internet. After the 
remote computer system obtains the IP address and access policy of the host 
gateway server, it then connects to the host computer system through the gateway 
server. 

For both Figures 23 and 24, a host back up server is configured and is accessible by 
all remote computer systems connected to the network. The host back up server is 
for secondary back up and recovery. The host back up server can be a back up 
server for host computer systems over the LAN. It can also be a host back up server 
for remote computer systems over the Internet. Every stand-alone remote computer 
system is assigned a second, logical, protected, hidden partition at the host back 
up server for secondary back up and recovery. 

A remote access management routine running on both the stand-alone remote 
computer systems and the host computer system may be used. 
The data transfer between the stand-alone remote computer systems and the host 
back up server is preferably secured, such as by encryption. Also, the data stored at 
the secondary protected hidden partition at the host back up server may be protected 
by encryption. It is preferably only accessible by authorized users. 


By the use of a computer diagnostic utility tool together with remote access 
management routines with security access policy features provided by the FFD, a 
data isolation technique for host computer systems can be provided to 
enable remote diagnosis and recovery. 


In Figure 25, the remote computer system obtains the IP address and the security 
access right policy of the host computer system from the name and security servers 
respectively, to be able to connect to the host computer system. The request from the 
remote computer system uses a WAN/LAN to access the host computer system. 
Through the NIC/modem, socket layer and host services, it becomes a host computer 
system request. At the same time, the graphics device hook routine of the host 
computer system transmits the screen display of the host computer system to the 
remote computer system for display. A user interface may be provided on the host 
computer system for the user to configure a security access policy. Under this policy, 
the FFD protects the host computer system from file access by the remote 
computer system. 

For security and privacy of the host computer system, the security access policy may 
include: 

1) no right of access for the remote computer system to delete, modify or explore 
data files of the host computer. For example, all the "Office" document files 
may be hidden from the remote computer system; 

2) hiding the personalized information of the host computer from the remote 
computer system. For example, email accounts, MSN account, Windows user 
name, and so forth, may be hidden; and 

3) preventing access to business document files by the remote computer 
system. 

As shown in Figure 26, and mentioned earlier, at least four different 
methods are able to be used to determine the dynamic data files to be isolated for 
protection. The resultant table is used by the FFD to identify the protected dynamic 
data files for access, and redirecting of data to the hidden partition, for execution. It 
also enables the FFD to selectively accept or reject access to files under isolation for 
protection. This capability can be used by the host computer system for control of file 
access by the remote computer system. Furthermore, there are additional methods, 
such as those listed in Tables 9 and 10, that are able to be used for host computer 
system protection. 


(e) Analysis and protection of the system 

Table 9 

Type                        | Definition                               | Characteristic 
----------------------------+------------------------------------------+----------------------------------------------------------------- 
Registry                    | Critical data to a normal operating      | To reject or limit access to the host computer system by the 
                            | system.                                  | remote computer system. 
User Account Management     | The registered user license number and   | To reject or limit access to user account management in the 
                            | password.                                | host computer system by the remote computer system, so as to 
                            |                                          | prevent any changes or modification. 
Host security access policy | Determines the security access policy    | To reject or limit any modification or changes to the host 
                            | of the host computer system.             | computer system by the remote computer system, so as to prevent 
                            |                                          | any security leakage of the system through the Internet. 

These are some of the basic types of system files to be protected from access by the 
remote computer system. Under different operating systems, different system files may 
be protected. 

(f) Through analysis and protection of software routines 

The FFD is able to analyze the installed software applications and assist the host 
computer system user to determine a software security access policy. As a result, it is 
able to control the access to, and execution of, the host computer system software 
applications by the remote computer system user. For example, the FFD can reject the 
execution of instructions such as Format, Fdisk, Delete, and so forth, invoked by the remote 
computer system, that may damage the host computer system. 


With this, and as listed in Table 10, a set of file security access policies for a host 
computer system is defined for remote management over the computer network. 


Table 10 

Operation | Control   | Policy 
----------+-----------+------------------------------------------------------------------------------------- 
File      | Read      | Can reject the read operation invoked by the remote computer. 
          |           | Only selectively enables read operations of certain files to the remote computer. 
          | Write     | Can reject the write operation invoked by the remote computer. 
          |           | Only selectively enables write operations of certain files to the remote computer. 
          | Modify    | Can reject the modify operation invoked by the remote computer. 
          |           | Only selectively enables modify operations of certain files to the remote computer. 
          | Rename    | Can reject the rename operation invoked by the remote computer. 
          |           | Only selectively enables rename operations of certain files to the remote computer. 
          | Move      | Can reject the move operation invoked by the remote computer. 
          |           | Only selectively enables move operations of certain files to the remote computer. 
          | Delete    | Can reject the delete operation invoked by the remote computer. 
          |           | Only selectively enables delete operations of certain files to the remote computer. 
          | Explorer  | Can hide files or directory folders from the remote computer. 
          |           | Only selectively exposes certain files or directory folders to the remote computer. 
Routine   | Run       | Can reject the execution of software invoked by the remote computer. 
          |           | Only selectively enables execution of certain software with data 
          | Install   | Can reject the installation of software invoked by the remote computer. 
          |           | Only selectively enables the installation of software to the remote computer. 
          | Uninstall | Can reject the un-installation of software invoked by the remote computer. 
          |           | Only selectively enables the un-installation of software to the remote computer. 




Figure 26 shows the building blocks of the FFD for the control and management of a 
remote computer system. Before the remote computer system is connected to the 
host computer system, the host computer system user may need to preset the 
security access policy as shown in Table 10. 

The FFD has three process routines for remote access: 

1) the FFD intercepts the request from the remote computer system, for example 
the explore, read/write/edit/delete/move/execute instructions; 

2) after the FFD intercepts the remote computer system request, the FFD obtains 
the attributes of the requested data files and checks them against the security 
access policy; 

3) the FFD follows the security access policy and performs one of the 
following three options: 

(a) reject the request; 

(b) modify the request; and 

(c) pass the request. It then passes the (modified) request to the main operating 
system for completion of the execution. 
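
The three routines above, as an added illustration that is not the patent's code: a remote request is intercepted, the requested file's attributes are checked against a security access policy laid out like Table 10, and the result is reject, modify or pass. The "modify" outcome is shown for the Explorer operation, where a directory listing is passed on with the hidden files removed rather than refused outright, and the hidden partition is never reachable from the remote side. The policy entries (explicit deny first, then explicit allow, default deny), the drive letter assumed for the hidden partition and the sample requests are constructed for this example.

```python
"""Model of the three FFD routines for remote access (Figure 26, Table 10):
intercept the remote request, take the attributes of the requested file
and check them against the host's security access policy, then reject,
modify or pass the request. "Modify" is shown for the Explorer operation,
where a directory listing is passed on with the hidden files removed
instead of being refused outright. The hidden partition itself is never
reachable from the remote side.

Added illustration, not the patent's code. The policy entries, the drive
letter assumed for the hidden partition and the sample requests are
constructed for this example."""
from fnmatch import fnmatch
import ntpath

HIDDEN_ROOT = "H:\\"   # assumed drive letter of the hidden partition

# Security access policy (Table 10). Explicit deny wins, then explicit
# allow; anything not allowed is rejected. Explore uses a hide list instead.
POLICY = {
    "read":    {"allow": ["*.log", "*.dll"], "deny": []},
    "write":   {"allow": [], "deny": []},          # nothing remotely writable
    "delete":  {"allow": [], "deny": []},
    "explore": {"hide": ["*.doc", "*.xls", "*.pst", "*.wab"]},   # Office and mail data
    "run":     {"allow": ["*.exe"], "deny": ["format.com", "fdisk.exe", "*.bat"]},
    "install": {"allow": [], "deny": []},
}


def _match_any(name, patterns):
    return any(fnmatch(name, p) for p in patterns)


def evaluate(request, policy=POLICY):
    """Return ('reject', None), ('pass', request) or ('modify', new_request)."""
    op, path = request["op"], request["path"]
    rule = policy.get(op)
    if rule is None:
        return "reject", None                      # unknown operation: fail closed
    if path.lower().startswith(HIDDEN_ROOT.lower()):
        return "reject", None                      # hidden partition stays hidden
    if op == "explore":
        visible = [f for f in request["listing"]
                   if not _match_any(f.lower(), rule["hide"])]
        return "modify", {**request, "listing": visible}
    name = ntpath.basename(path).lower()
    if _match_any(name, rule["deny"]):
        return "reject", None
    if _match_any(name, rule["allow"]):
        return "pass", request
    return "reject", None


def demo():
    """Constructed batch of remote requests run through the policy."""
    requests = [
        {"op": "read", "path": r"C:\WINDOWS\setupapi.log"},
        {"op": "read", "path": r"C:\My Documents\1.doc"},
        {"op": "write", "path": r"C:\WINDOWS\system.ini"},
        {"op": "run", "path": r"C:\WINDOWS\system32\fdisk.exe"},
        {"op": "run", "path": r"C:\Program Files\Diag\diag.exe"},
        {"op": "read", "path": r"H:\My Documents\1.doc"},
        {"op": "explore", "path": r"C:\My Documents",
         "listing": ["1.doc", "budget.xls", "readme.txt", "setup.log"]},
        {"op": "format", "path": "C:\\"},
    ]
    return [evaluate(r) for r in requests]


if __name__ == "__main__":
    for action, result in demo():
        print(action, result)
```

Two design choices matter for a policy of this kind: an operation the policy does not know about is rejected rather than passed, and a file that is merely hidden from Explorer is still subject to the read, write and delete rules if the remote side guesses its name, so the hide list alone is not a protection.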

Some of the guidelines for setting the security access policy may be: 

1) to selectively enable the remote computer system to view or execute some of the 
operating system, and/or selected software applications, and/or their configuration 
and/or data files in the hidden partition; and 

2) to selectively enable the remote computer system user to read, modify and write 
some of the operating system, and/or selected software applications, and/or their 
configuration and/or data files in the hidden partition. 


In addition, the following standard host computer system access controls may be 
provided by the remote access management routine: 

1) to enable the authorized remote computer system user to access the host 
computer system by proper authentication procedures, including password control; 

2) to protect the software application programs, their configuration and/or data files in 
the host computer system from the authorized remote user; and 

3) to protect and hide the hidden partition of the host computer system from the 
authorized remote computer user. 
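The following is an added illustration, not code from the patent: a toy model of the three FFD remote-access routines (intercept, attribute lookup, policy decision), the two policy guidelines (view/execute and read/modify/write by file class), the Install/Uninstall rows of Table 10, and host control 3 (hiding the hidden partition from the remote operator) in one filter. Every name (Request, SecurityAccessPolicy, FileClass, Decision, ffd_filter, HIDDEN_PARTITION, ATTRIBUTE_TABLE) is an assumption made for this example, and the attribute table and sample policy are constructed. The patent does not say what happens to a path with no attribute; the example defaults to reject, which is the conservative reading and is marked as an assumption in the code.

```python
"""Toy model of the FFD remote-access routines (added example, not patent code).
Assumed names: Request, SecurityAccessPolicy, FileClass, Decision, ffd_filter,
HIDDEN_PARTITION, ATTRIBUTE_TABLE.  Attribute table and policy are constructed."""
from dataclasses import dataclass, replace
from enum import Enum

HIDDEN_PARTITION = "/hidden"        # assumed mount point of the hidden partition (212)


class FileClass(Enum):
    OS = "operating system"
    APP = "software application"
    CONFIG = "configuration"
    DATA = "data file"
    USER_DATA = "user data"         # private files, never exposed to a remote operator


# Constructed attribute table: the longest matching prefix classifies a path.
ATTRIBUTE_TABLE = {
    "/hidden/os": FileClass.OS,
    "/hidden/app": FileClass.APP,
    "/hidden/app/editor.cfg": FileClass.CONFIG,
    "/hidden/data": FileClass.DATA,
    "/hidden/user": FileClass.USER_DATA,
}


class Decision(Enum):
    REJECT = "reject"
    MODIFY = "modify"
    PASS = "pass"


@dataclass(frozen=True)
class Request:
    op: str                 # explore/read/write/edit/delete/move/execute/install/uninstall
    path: str
    origin: str             # "remote" or "local"
    exclude: tuple = ()     # paths an explore must omit (set when the FFD modifies it)


@dataclass
class SecurityAccessPolicy:
    view_execute: frozenset        # guideline 1: classes the remote user may view/execute
    read_write: frozenset          # guideline 2: classes the remote user may read/modify/write
    allow_install: bool = False    # Table 10, Install row
    allow_uninstall: bool = False  # Table 10, Uninstall row


VIEW_OPS = {"explore", "read", "execute"}
WRITE_OPS = {"write", "edit", "delete", "move"}


def in_hidden_partition(path):
    return path == HIDDEN_PARTITION or path.startswith(HIDDEN_PARTITION + "/")


def lookup_attributes(path):
    """Routine 2: obtain the attribute (file class) of the requested path."""
    best = None
    for prefix, cls in ATTRIBUTE_TABLE.items():
        if (path == prefix or path.startswith(prefix + "/")) and \
                (best is None or len(prefix) > len(best[0])):
            best = (prefix, cls)
    return best[1] if best else None


def ffd_filter(req, policy):
    """Routines 1-3: intercept the request, check it against the policy and
    return (decision, request to forward).  Only remote requests are filtered."""
    if req.origin != "remote":
        return Decision.PASS, req
    if req.op == "install":
        return (Decision.PASS if policy.allow_install else Decision.REJECT), req
    if req.op == "uninstall":
        return (Decision.PASS if policy.allow_uninstall else Decision.REJECT), req
    if not in_hidden_partition(req.path):
        if req.op == "explore":
            # Host control 3: hide the hidden partition from the remote operator's
            # listing by modifying the request before it reaches the main OS.
            return Decision.MODIFY, replace(req, exclude=req.exclude + (HIDDEN_PARTITION,))
        return Decision.PASS, req
    cls = lookup_attributes(req.path)
    # Assumption: unclassified paths and private user data are always rejected.
    if cls is None or cls is FileClass.USER_DATA:
        return Decision.REJECT, req
    if req.op in WRITE_OPS and cls in policy.read_write:
        return Decision.PASS, req
    if req.op in VIEW_OPS and (cls in policy.view_execute or cls in policy.read_write):
        return Decision.PASS, req
    return Decision.REJECT, req


# Constructed policy: remote support may inspect OS and application files,
# edit the application configuration, and uninstall but not install software.
SAMPLE_POLICY = SecurityAccessPolicy(
    view_execute=frozenset({FileClass.OS, FileClass.APP}),
    read_write=frozenset({FileClass.CONFIG}),
    allow_install=False,
    allow_uninstall=True,
)

if __name__ == "__main__":
    for req in [
        Request("read", "/hidden/os/kernel.bin", "remote"),
        Request("write", "/hidden/os/kernel.bin", "remote"),
        Request("edit", "/hidden/app/editor.cfg", "remote"),
        Request("read", "/hidden/user/diary.txt", "remote"),
        Request("explore", "/", "remote"),
        Request("install", "/tmp/tool.msi", "remote"),
    ]:
        decision, fwd = ffd_filter(req, SAMPLE_POLICY)
        print(f"{req.op:8} {req.path:26} -> {decision.value} {fwd.exclude or ''}")
```

Local requests bypass the filter entirely, which is the point of the design: the policy constrains only the remote operator, while the host user keeps full access to the hidden partition. A real filter driver would take the file class from file system metadata rather than a prefix table, but the decision logic (reject, modify, pass) is the same.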


In this way, privacy for a computer system connected to a network may be maintained 
while allowing remote diagnosis, operation and recovery, if required, by a remote 
computer system. By use of the hidden partition, the computer system user's data files 
in the protected hidden partition are not exposed to the remote operator. 


As mentioned earlier, it is possible to restore the operating system with up-to-date 
dynamic data files even if the primary operating system is damaged. This is possible as 
the recovery system is operated under another operating system. With a built-in 
communication module, remote access management and security access policy, the 
recovery system behaves like the primary operating system. As a result it is possible to 
provide a secure way for a remote computer system to remotely diagnose, operate 
and recover the host computer system using the backup stored in the hidden partition 
of the host computer system. 
The present invention also extends to a computer usable medium comprising 
computer program code that is configured to cause a processor to execute one or 
more functions described above. 

Whilst there has been described in the foregoing description preferred embodiments 
of the present invention, it will be understood by those skilled in the technology that 
many variations or modifications in details of design, construction, or operation may 
be made without departing from the present invention. 

The present Invention extends to all features disclosed both individually, and in all 
possible permutations and combinations. 
ABSTRACT 

Data Isolation System and Method 

A data isolation system for software and data maintenance, back up and recovery for 
a computer wherein dynamic data files are identified and redirected or copied into a 
hidden partition (212) on a hard disk (210) of the computer. Automatic back ups are 
made of the dynamic data files in the hidden partition (212) whenever the dynamic 
data files are amended. The dynamic data files in the hidden partition (212) include 
the computer's operating environment so that the computer's operating environment 
can be restored from the dynamic data files in the hidden partition (212). The dynamic 
data files in the hidden partition (212) include data up to the time of a failure of the 
computer's system. 



